Thursday 16 October 2014

Dirty, rotten scoundrels

cheats

From IDKFA-activated arsenal boosts in Doom to sophisticated aimbots, cheating in games has evolved signifi cantly since its developer-championed inception. NATHAN LAWRENCE takes a faithful look at the rise and restriction of online cheaters.

There was a time when cheats were fun, back when cheats provided an unofficial ‘beyond casual’ difficulty option for games. The uniting logic behind the lack of controversy surrounding cheating back in the good ol’ gaming days was twofold. First, games were, more often than not, purely single-player experiences. Second, the individual player had the option to choose to activate cheats at their discretion in a contained solo experience.


The rise of online gaming has brought with it a rise in cheaters, and the instantly recognisable controversy arises out of the undeniable fact that in multiplayer, the majority of players have chosen to not cheat, yet they still have their gameplay experiences impacted by players that choose to break the rules. Online cheating has gone through a fascinating spectrum: from freely accessible to everyone, to an exclusive club that has companies actively working against them.

We picked the brain of one frustrated gamer who went on to create what is arguably the most recognisable name when it comes to anti-cheating technologies. Tony Ray is the founder of Even Balance Inc., responsible for the popular anti-cheat software PunkBuster, and spoke candidly with PC PowerPlay about the ongoing fight against cheaters.

A HISTORY OF CHEATING

During the birth of online gaming just before the new millennium, it was up to players to deal with cheaters, with little to no support from developers. At best, honest online gamers could rely on inbuilt administrative tools for temporary bans on players suspected of cheating. It wasn’t until the arrival of the millennium that players received proactive support in the form of PunkBuster, which was dependent on developer support to effectively and continually keep up with evolving cheats for specific titles. PunkBuster supported Counter-Strike and other Half-Life mods, but later discontinued support as Valve was unwilling to integrate the software directly into the core game.

This was most likely because Valve was working on its own anti-cheating measures. Before Valve launched Steam in 2003, it acknowledged the frustration and disruption of prevalent cheating in insanely popular multiplayer title Counter-Strike by launching Valve Anti-Cheat (VAC). Years after launching VAC, Valve reported detecting more than 10,000 cheating attempts in a single week. When VAC was initially launched, it applied 24-hour bans. The duration grew from one year to five years and, nowadays, bans are permanent. Of the 300 games supported by VAC, the Valve-created Source-engine games ban across titles using the same engine. With increased risk of losing access to multiple games for a single instance of banning, cheaters have a lot more to risk these days.

BUSTING PUNKS

Before the rise of VAC, there was PunkBuster: the brainchild of Tony Ray, who was determined to do something about online cheaters. “I got tired of watching my favourite game communities die, because that’s what rampant cheating does,” said Tony. “When a major video-card manufacturer developed hotkeys for their display drivers that would toggle a builtin wallhack [the ability to see through walls] for any FPS game and advertised ‘use our stuff, win your match’ full-page spreads in gaming magazines, that was the last straw for me.”

Tony is referring to the infamous ASUS drivers for NIVIDIA-chipset cards that were instantly criticised by the overwhelming majority of online gamers upon announcement. At the time, ASUS boasted about the competitive edge afforded by the drivers in a press release. “There are three special weapons for ASUS VGA cards’ users—Transparent View, Wireframe View, and Extra Light. If you do not have an ASUS VGA card—be careful! Never compete in the 3D games with anyone who has an ASUS VGA card. Because the only result is to loose [sic].” While the drivers were never officially released, they did mysteriously make their way online, much to the chagrin of honest players. PunkBuster evolved to detect and ban players using the ASUS drivers, but players with the legitimatised-cheating drivers were still able to prey on servers unprotected by PunkBuster.

CHEATING 2.0

A lot has changed in the world of cheating since PunkBuster was first integrated into Return to Castle Wolfenstein. “The whole landscape has changed; the bar has been raised significantly,” said Tony. “Cheat developers now know that if their cheat is easily detectable, they’ve wasted their time in developing it. Back then, any kid could go to one of many different sites and freely download a hack and cheat with impunity. Not anymore. Now cheat authors have to possess advanced knowledge to have any hope of avoiding detection for any period of time.”

While the days of freely available effective cheats are in the past, the cheat authors have had to evolve their tactics to stay on top of things. In turn, prospective cheaters must risk exposing their software to those creating the cheats. “Now a cheater has to be willing to pay for cheats and, in turn, essentially give a known hacker access to their computer and any data it contains,” said Tony. “Many commercial cheats include blatant spyware and trojans to allow the hack author to remotely access their subscribers’ computers. So the total number of people willing to cheat is just a fraction of what it used to be, because now there is non-trivial cost and risk associated.”

CHEATER’S MARKET

This is why hackers are now in a position to charge for their wares. “The battle has moved more to the lines of hack authors trying to prevent access to their cheats by carefully monitoring their subscribers,” said Tony. But the battle isn’t all hopeless. With new hacking approaches, comes new detection methods for stopping them.

But that still doesn’t make it straightforward to stop cheat authors: as anti-cheating methods improve, so too do the ways in which cheaters attempt to circumnavigate them. “Cheats are highly customised and tuned to each game. A cheat has to be very good at hiding in specific spots within a known game executable process and be able to take advantage of that game’s specific weaknesses. The cheat’s functions are tied to how to ‘win’ in that game. Some games are less susceptible to wallhacks than others so those games get a whole different kind of cheat. Most modern commercial hacks are like a buffet: the cheater picks which features of the game he wants to hack during that gaming session.”

MAJORITY RULES

While cheating may seem rampant in particularly popular games — even those protected by PunkBuster such as Battlefield 4 and Red Orchestra 2—the actual number of cheaters is refreshingly low. As for specific percentages, nailing that down is a bit trickier. “No-one really knows the answer to [specific percentages]. When free public cheats are released for a popular game, the number of cheaters is extremely low: less than one percent of one percent of the total player base. Even counting the commercial cheat subscribers is difficult for many reasons, but most of them only have a few hundred subscribers, at most, that actually play games frequently enough to cause a stir.”

But not everyone who gets banned for cheating is actually guilty of crimes against gamer code. The term ‘false positive’ is used to describe any identifying methodology that erroneously detects something that falls into a specific measuring criteria; in this instance, it refers to players that aren’t actually cheating. In terms of VAC, only seven reported instances of false positives have occurred since its inception; and, in each case, the bans were rescinded and used to update later versions of the anti-cheating software. This is significant when taking into account the reality that VAC has identified more than 200,000 different types of cheating software used by gamers.

As for PunkBuster, it also has a completely transparent approach to communicating instances of false positives. In fact, Even Balance takes it one step further by allowing benefit of the doubt to all affected by such rare occurrences. “We report [false positives] on the release-notes portion of our website for each supported game,” said Tony. “I count three so far during 2014 across all games. We have a specific QA process we have developed over the years to try to prevent false positives, and it has gotten very sophisticated. We believe it is impossible to completely eliminate false positives and still be effective at catching cheaters. When we do confirm a false positive, we also unban anyone affected, even if we know most of them were really cheating.”

DEVELOPER INPUT

As online multiplayer continues to grow in popularity, so too does the expectation that certain players will be tempted to cheat. “It’s getting more and more rare to see a top-tier multiplayer online PC titles being released without an included anti-cheat, as the publishers and developers know it is expected. Beyond that, with the advent of ubiquitous fast Internet, developers are thankfully able to move away from client-side hit detection and leverage fast hardware on the back-end servers to do more of the computational work that used to be handled in game clients.” This is another strong reminder of the importance for developers to provide dedicated-server support for multiplayer titles.

When Even Balance is recruited to implement its anti-cheating software for an upcoming multiplayer title, the closeness of the working relationship is dependent on the developer. “We always work closely during integration before release, and after we let the developer decide how closely they will be involved in the ongoing effort. For some developers, we can give suggestions for improvements in the game engine and they follow through with changes that really make a difference in the next update.”

Tony acknowledged that it’s unrealistic for developers to provide anti-cheating support for games indefinitely. “Other [developers] have already moved on to the next title and, hopefully, try to improve that next title with meaningful improvements. That’s not meant as a criticism. We understand making a game is a huge endeavour with a lot of financial risk to developers; they can’t all just keep a programming crew staffed forever to keep updating a game after it has been released. That’s one of the benefits to a developer of using PunkBuster, so they can move on and let us fight cheating in their prior titles.” This ongoing support is evidenced in PunkBuster’s list of supported older titles such as America’s Army, Battlefield 2 and Medal of Honor.

FUTURE OF CHEATS

It’s unlikely that cheating will be forever extinguished in the online multiplayer space. As long as competitive multiplayer titles are popular, so too will be the lure for players to gain a competitive edge via cheats. It’s an ongoing fight for the anti-cheat movement, and it still has its challenges. “Stopping public free cheats is as easy as ever, but keeping continual access to commercial cheat sites is getting harder. The benefit is that it is costing the cheaters more and more to keep cheating, and when we do get access [to a cheating site], we are usually able to bust the whole group of subscribers on that site all at once. If you cheat, you will get caught at some point. That provides a deterrent even for people who used to cheat when they believed they couldn’t get caught.”

Unfortunately, just as Even Balance is eventually able to infiltrate cheat sites to bust cheaters en masse, the cheaters are trying to follow suit and get their hands on PunkBuster code. “Finding trustworthy people,” said Tony, in response to what the biggest current challenge is for PunkBuster, “and getting to a point of knowing they are not a cheater trying to get inside the organisation.” This unfortunate reality of distrust in terms of privileged information also meant Tony was unwilling to discuss the exact priorities for the future of PunkBuster, outside of confirmation that Even Balance is working on “specific methods of advanced cheat detection”. In truth, we’re happy not to know what those methods are if it means a greater likelihood of fewer cheaters in PunkBuster-protected games.

Valve follows a similar methodology, only releasing small portions of the overall VAC code to players at any one time, so subsequent circumnavigation methods are isolated, while the core anti-cheating code is protected on the server side. It’s truly an unfortunate reality that a spike in popularity for online gaming brings with it an increase in cheaters. However, it’s good to know that the anti-cheaters protecting the majority of honest players are using secure and secret methodologies that keep them one step ahead of the cheat authors at all times.